Part of my routine when I walk to work is to listen to podcasts. It’s my favorite thing to do. They often inspire me with new ideas or I’ll pick up some interesting tips. However, when I listened to this podcast, it stopped me dead in my tracks.
“Reply All” (one of my absolute favorites) starts out telling the story of Alex Blumberg, CEO of Gimlet Media (which produces the podcast), getting his Uber account hacked. This wasn’t such a problem for me, as I don’t even have an Uber account, but I continued to listen. I protested them a long time ago when they first started out because they stole my credit card information. But I digress.
Back to the podcast – the story itself is a little frightening because not only does Alex have his account hacked but the hacker also covers up all his tracks. Once the hacker has treated himself to a few free Uber rides in Russia he manages to delete the account without any trace. Even though Alex’s credit card was charged, when he calls up Uber they have no record of him.
So how did the hackers get into his account?
When a website (like Dropbox or LinkedIn) has a data breach and people’s usernames and passwords are stolen, that information is then sold on the dark web. Someone can then buy that information and use it to try to access your other accounts, by seeing if you have used the same password. That’s why two-factor authentication is so important. Find out how it works here.
The obvious way to prevent this from happening is to have a different password for every account you have on the internet. But let’s face it – ain’t nobody got time for that.
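An added example, not part of the original post: a small Python reuse audit that shows which other accounts fall when one site's password leaks, then gives every reused account its own random password. The site names and passwords are constructed sample data, and the function names are hypothetical.

```python
import hashlib
import secrets
import string
from collections import defaultdict

# Constructed sample vault: site -> password (not real credentials).
VAULT = {
    "uber.example": "Sunshine2016",
    "dropbox.example": "Sunshine2016",
    "linkedin.example": "Sunshine2016",
    "bank.example": "c0rrect-h0rse-battery",
    "mail.example": "Winter!99",
    "forum.example": "Winter!99",
}

def fingerprint(password):
    """Digest used as the grouping key, so keys are not the passwords themselves."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def reuse_groups(vault):
    """Return lists of sites that share one password (groups of two or more)."""
    groups = defaultdict(list)
    for site, password in vault.items():
        groups[fingerprint(password)].append(site)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def exposed_by_breach(vault, breached_site):
    """Other accounts that open with the password leaked from breached_site."""
    leaked = fingerprint(vault[breached_site])
    return sorted(s for s, p in vault.items()
                  if s != breached_site and fingerprint(p) == leaked)

def generate_password(length=24):
    """Random password from a CSPRNG, the kind a password manager generates."""
    alphabet = string.ascii_letters + string.digits + "!@#$%^&*-_"
    return "".join(secrets.choice(alphabet) for _ in range(length))

def rotate_reused(vault):
    """Give every account in a reuse group its own fresh password."""
    fixed = dict(vault)
    for group in reuse_groups(vault):
        for site in group:
            fixed[site] = generate_password()
    return fixed

if __name__ == "__main__":
    print("Reused:", reuse_groups(VAULT))
    print("Breach of dropbox.example exposes:", exposed_by_breach(VAULT, "dropbox.example"))
    print("After rotation:", reuse_groups(rotate_reused(VAULT)))
```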
So what do you do?
The podcast suggests getting a password manager account. Here’s how it works – you will create one master password and it’s the last one you ever have to remember because the password manager will remember all the rest of your unique passwords for all your accounts for you.
I’ve recently started using LastPass, which is a free service. You register all your accounts with them and then use their browser extension to log on to websites. It will help you create very strong passwords and remember them in their database.
It’s been very easy and convenient to use, and I definitely feel much safer browsing online.
At first it’s a bit daunting to think that you have to change all your passwords all at once. You don’t have to if you don’t want to. But now that I’ve been through it (slowly at first) I’d recommend just ripping off the bandaid and letting LastPass change all the passwords for you. They will contact each website and change your password to something really long and convoluted that will keep your account secure.
You can also share passwords with people you’re collaborating on projects with and not even give them the actual password. You will just give them access to that account in LastPass so they will be auto logged in but not actually see the password. This is so helpful for small businesses.
Check out LastPass and let me know how you like it. And if you have another password manager that you like better, let me know in the comments below.
Update: A few people have pointed out that keeping all your passwords in one place could make you more vulnerable. Password managers like LastPass have to be on the cutting edge of internet security technology in order to stay in business. You can check out LastPass’s website for all the various methods they use to keep your passwords safe.